| luckytus.shop/ZM-S22-SpinFlag/7.png | 188.114.96.1 | 200 OK | 9.3 kB |
URL GET HTTP/3luckytus.shop/ZM-S22-SpinFlag/7.png IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
File typePNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced Hasha710a588b037577ed57124e3470e083e c45e56c9694b7cbd30bb5e28952be5afc4ded802 76cde0a0c13f4b36c10234d3ed83aafe81e3ab44ef7b70d4eb11824aad9b093e
GET /ZM-S22-SpinFlag/7.png HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/index1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:06 GMT
content-type: image/png
content-length: 9323
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "60081b283a3b4a05c81566b625fdb14d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k5coQyolgW387w8jfnTrU8nFpNJ0PaednKK014uIeTfvZRo14XqmU%2Fhx0%2BFCRni7yqDTXOSDW22wkzKwmMoPyxgzXN62SD9LuAYyyn5sl0qHHk1ZyxdXi%2FIGNQPgmcrn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8790d0c8ab21b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| luckytus.shop/ZM-S22-SpinFlag/clip_footer_3.png | 188.114.96.1 | 200 OK | 2.5 kB |
URL GET HTTP/3luckytus.shop/ZM-S22-SpinFlag/clip_footer_3.png IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
File typePNG image data, 52 x 59, 8-bit colormap, non-interlaced Hashe1b626392882cc25b4d891afaa68afd4 454d7abdbc2548d04feb95436ea0ab4126b4f00b ef3b8785199a0a640150a9d9ceb9b7cff2b118ee377ce36317d4a3e716bd944f
GET /ZM-S22-SpinFlag/clip_footer_3.png HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/index1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:06 GMT
content-type: image/png
content-length: 2460
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "706c35ac9626fe7cad6cad2e3ed78cf3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bQUovB%2FHNMoQvDiZjKcqO2uawyIi8ceOc5RiaZA7VOekzR7rlVrvEi%2FV8OeiSwp2Ak9Nkjkd%2F65JJWdMXVf6DJA3J3ZAOX8lXHXgp6Ml1uvmIejA14ujo5WYwoZPgb8P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8790d0c8bb2eb511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| luckytus.shop/ZM-S22-SpinFlag/3.png | 188.114.96.1 | 200 OK | 7.4 kB |
URL GET HTTP/3luckytus.shop/ZM-S22-SpinFlag/3.png IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
File typePNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced Hashc658f8c878a5b624448bac8dbea1e310 137916bf749c4dbf3db42434b26dbfc297049bb3 f322bab23c3fe6191f801277d45414e10d10fc25ad0f46def9aa017b6a117f6c
GET /ZM-S22-SpinFlag/3.png HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/index1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:06 GMT
content-type: image/png
content-length: 7357
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "b09a320e98d0a231dd543c9fa09d6ddc"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fWvTtuSu%2BEoZvywkk0rZE7ZSW%2BKlSo1VgIn78BjXLgSI%2FIhvvgLNejda6RtDVtNTgwaQ7uktMeNY%2FlWRc97fAdrw3ayGC8rY0C5LnDi%2BZQHKZZ%2B20mFRCyoxnNSUaD5h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8790d0c8ab24b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| luckytus.shop/ZM-S22-SpinFlag/flag.png | 188.114.96.1 | 200 OK | 493 B |
URL GET HTTP/3luckytus.shop/ZM-S22-SpinFlag/flag.png IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
File typePNG image data, 35 x 21, 8-bit/color RGBA, non-interlaced Hashd7eaf242f6fc7253f5771794df5809fc d1752abc8e3048df22f126d396a38aa7f249741f cc571d9688b0a3bb93711afc2171c630031fa08a3dd926b2ed097a881ad9cc83
GET /ZM-S22-SpinFlag/flag.png HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/index1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:06 GMT
content-type: image/png
content-length: 493
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "fd97d7ca0b391e46fcafeb7b808acfc6"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pQMnra75tsFx%2FngVYlAwJGCvwG3BNjc5oCHJAZ1X%2BipRma16x1SVykeFFlHO7WFkxIAr50kqXWc3gI8vbYx7cnX%2B1Y%2FjL7KeXBQuWikBgg4jTtWto%2BzoeV0RvoAnMaYX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8790d0c89b0fb511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| luckytus.shop/ZM-S22-SpinFlag/4zmktv1.png | 188.114.96.1 | 200 OK | 109 kB |
URL GET HTTP/3luckytus.shop/ZM-S22-SpinFlag/4zmktv1.png IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
File typePNG image data, 501 x 501, 8-bit/color RGBA, non-interlaced Size109 kB (109151 bytes) Hash3ae8e9c19f72680e3b612c7dad852073 359fb5f4f5f498b9cc5f38920e90eb000904f669 0964d4a08d0e9f9b6877b9c07c2724d16c23569a1cc39857a83564af26875413
GET /ZM-S22-SpinFlag/4zmktv1.png HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/index1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:06 GMT
content-type: image/png
content-length: 109151
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "703652490562f0fa9d2c4398454a6d2c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ATEp7tTHVcHT6uMHYy%2FmETWYnBwRIZ3k6MU7qdbSGZpEfOUwds3TWU2jjgeNJYQGqUdKu3%2Bg5r429uG07kXR5gFIKbz8OuKi3MDhTESYUZn5dhJzq%2FfUv%2F8WwuxpeGs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8790d0c89b10b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| luckytus.shop/ZM-S22-SpinFlag/4.png | 188.114.96.1 | 200 OK | 6.4 kB |
URL GET HTTP/3luckytus.shop/ZM-S22-SpinFlag/4.png IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
File typePNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced Hash69fd823b8396fcc858bf954668fe8ace 63a61f526a3b39d9dbf67a6efbb64eceb8cf49f3 5efd6d48bb230a56c337bd4d16c9e8b734c850f994498f33f174a9404efd1353
GET /ZM-S22-SpinFlag/4.png HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/index1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:06 GMT
content-type: image/png
content-length: 6420
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "3229915a51d375675a47a69a3cfdff80"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7vEpLhwxvRPsbzMzZI1eoZruFoqewP9x5kmbf94OpDOfT%2FY%2Bgj2YXTrUXIckYaKTvjjcEhzucGu8iEGXqYkCuNth8nGm%2BhyHSX6IAXrjcwhwaI7rL8ctRK%2BRy1mxPKCo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8790d0c8ab25b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| luckytus.shop/ZM-S22-SpinFlag/like_user_1.jpeg | 188.114.96.1 | 200 OK | 1.3 kB |
URL GET HTTP/3luckytus.shop/ZM-S22-SpinFlag/like_user_1.jpeg IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3 Hash2aa0d43e70d60d76ac4bdff139f8c7cb d7e3433297ad90f5d99249aee29b645265c9f3eb e7c85bfa7ba6d75dd0de72e51da2e185351ced82b32090ab35395766ef4849fa
GET /ZM-S22-SpinFlag/like_user_1.jpeg HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/index1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:06 GMT
content-type: image/jpeg
content-length: 1293
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "9b2e5b29944560c02996cd0975502b7a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pSQVgm%2FU%2F07WjOrS54Zic0vrMukGrMfaJSwdpKTi4aUEg%2FIZ0MUPA6WvVsB29vlsekCx5XHl2Juak96cF3wH5g2fLry4wfsqfxkQAlRSX0SkmkeHH1Pit8Rdxe%2BlTara"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8790d0c8ab1eb511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| luckytus.shop/ZM-S22-SpinFlag/like_user_2.jpeg | 188.114.96.1 | 200 OK | 1.2 kB |
URL GET HTTP/3luckytus.shop/ZM-S22-SpinFlag/like_user_2.jpeg IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 50x50, components 3 Hashf9299c2023539a8f27a6e1b12ed260e5 046baf9bcd1bbdf9d51ca63e3899ea2e7f5de0b2 ba0c57dd9fbd100462ac62c8c8b3156caf1283d250fb56ee8ce5b0f53e575ccd
GET /ZM-S22-SpinFlag/like_user_2.jpeg HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/index1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:06 GMT
content-type: image/jpeg
content-length: 1216
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "cd7d77fc4dab25f900f23ab8780822c9"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QecEqV%2BTJxVAHRN6aF8S5eqy2dWiTnMZWI3wQFl6iJ%2BfoVTMV6MeLTOp43LSIbvGTB55U8hYpwEWs3%2FGN3u%2BYvsmwYoZz9gEkyGzYXhPtDlq%2FH1V7CDW3j1VCriRhpz%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8790d0c8ab20b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| luckytus.shop/ZM-S22-SpinFlag/1n7uqfa.png | 188.114.96.1 | 200 OK | 54 kB |
URL GET HTTP/3luckytus.shop/ZM-S22-SpinFlag/1n7uqfa.png IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
File typePNG image data, 165 x 207, 8-bit/color RGBA, non-interlaced Hashe4223ddfb2b10da1f0d6dd9da537268b c9c828a947cdaab72447d4d2260e274025c68354 3c540bf4496aeaac1388cb7ece901164b31f04dabf9407f8f2ec728f543cdef9
GET /ZM-S22-SpinFlag/1n7uqfa.png HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/index1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:06 GMT
content-type: image/png
content-length: 54181
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "71d68ab307c25e15eb82c21077f22500"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sRB%2Fu2xma3SDGCc3Bgkh4h4kDtZkDQ9ooMyS1Z3s0MpIY14085OReAS7YcA7DrBgNZEqt%2Be%2F3WgvgAK19xKAC%2Bi%2BpjRsudLffbGFAMLKQQnTixW%2Fsmr%2BjryCuQaZMGRI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8790d0c8ab1cb511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| luckytus.shop/ZM-S22-SpinFlag/footer_right.png | 188.114.96.1 | 200 OK | 4.9 kB |
URL GET HTTP/3luckytus.shop/ZM-S22-SpinFlag/footer_right.png IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
File typePNG image data, 168 x 66, 8-bit colormap, non-interlaced Hash0e786b7344ac0b63609290a3a415fc4f c2e77827e895aaa13522f1c5c0ef79d4caef0bb2 f044237e4439b415a4947127f26fb14b4d32cf1d32ff51fd8f0ff4d21d2692e5
GET /ZM-S22-SpinFlag/footer_right.png HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/index1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:06 GMT
content-type: image/png
content-length: 4919
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "3b6543f8aff814ffed2e98bb3f6ddce3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IlQguyiQfavqC2oKSPrw1Z7WSHFuMOba9M%2BtcPg5UZpM4lQD5ZM%2F9VICtRWplV3XocTPCS4w4ZJMWICyovj%2FWZlLDBa55zvnqEHElKDWL0p68D29t0N7ekEkiCxPfZSX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8790d0c8bb30b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| luckytus.shop/ZM-S22-SpinFlag/tpbdc9x.png | 188.114.96.1 | 200 OK | 45 kB |
URL GET HTTP/3luckytus.shop/ZM-S22-SpinFlag/tpbdc9x.png IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
File typePNG image data, 165 x 202, 8-bit/color RGBA, non-interlaced Hasha81c981271ea04a9ae516b8b97512937 5d055ec7a35b0311efc22d5be838c0dbe35b4dfd 239ed6a131c550919c7e59a2f1cc0057be22469cc6b9e05f7c191a5aebcb1a5c
GET /ZM-S22-SpinFlag/tpbdc9x.png HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/index1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:06 GMT
content-type: image/png
content-length: 44592
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "27e734a468432cc1b55131fa2a32ef9e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=epxDvLobAD2hV5vKfbK6rf%2BJCfYSAsZGxfJSdLC4Kj%2FYoc1F4JCl4lN7MgLFOgpp36Q4DCcO%2BXEEORLbXizEdW3%2BFdWbDF%2BtAJRXh4GcscxeRlW29LlK7WnExCsu7yuq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8790d0c8ab1db511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| luckytus.shop/ZM-S22-SpinFlag/index1 | 188.114.96.1 | 200 OK | 10 kB |
URL User Request GET HTTP/2luckytus.shop/ZM-S22-SpinFlag/index1 IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (328) Hash111754384eda2a6a58b4a66ae51e8e59 c4e2b80a2bab353d988baa9b372c99e64ee04c05 f12821f56b9b772a640158c83f5b0954cf44fbd197292974d4ff50ec5362a4b3
GET /ZM-S22-SpinFlag/index1 HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:06:06 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U97DZzUzLabQLIfCj8TjMFR3Xv6hhU2uqxxgXW%2BCDZjrf5SllrYYrXY3bEETJO48hE1JykESh5uH94Tw7DWcK12H0WiRhA%2FVvsLcWbh%2FeuefrmLheEPa3PbXXX2UD%2BbS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8790d0c70947b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| luckytus.shop/ZM-S22-SpinFlag/6.png | 188.114.96.1 | 200 OK | 3.3 kB |
URL GET HTTP/3luckytus.shop/ZM-S22-SpinFlag/6.png IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
File typePNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced Hash559aa50de6cfcacb3492a53a6bd00f3b 342fe7ce594d6d62bd00de93743ca64cb760c0e6 5342ad1513b0155dec49024b7d6cb2919c2a3dd0f27079d20f85a2bf612af0da
GET /ZM-S22-SpinFlag/6.png HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/index1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:06 GMT
content-type: image/png
content-length: 3274
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "a0e5cb6093c3d4b648edd5b0e07a37f2"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q2SGjg5e2g85p993RCILFRvUabRqqYFFzcziv9Qgcnvt3X7f%2BgRqDfW5%2FncJhnIh7QCyrqTryz1wEB3ug1sDQUoH4XalSPYIFVqGATLH49ZOIVvvKwde%2BuV2B0B%2FkEnS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8790d0c8ab26b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| luckytus.shop/ZM-S22-SpinFlag/1.png | 188.114.96.1 | 200 OK | 6.2 kB |
URL GET HTTP/3luckytus.shop/ZM-S22-SpinFlag/1.png IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
File typePNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced Hashe1cee9d532cda163b54e841fe5334585 fb39ec7c6d51cd980f1cf7f7ac6ab6e4ce32a73f 64c680d842ec77c1a370409b64ebdb76afbfc16a10435544a6120c3905642fd4
GET /ZM-S22-SpinFlag/1.png HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/index1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:06 GMT
content-type: image/png
content-length: 6202
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "e9654c5ff9dd0d16f8bead5137b86262"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fho2dZnClyZWrvqlclkgqfVANMz6tYD55XO4CHTCBFXAoVi7wshbMjiYYB%2FxyGHZLkub5uFzpfYRgH3pV2GN2mR1EbNMtaEyTuG2ve3aGdjUq8cuu9Pf5O6NuiNvnIhy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8790d0c8ab2ab511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| luckytus.shop/ZM-S22-SpinFlag/8.png | 188.114.96.1 | 200 OK | 5.1 kB |
URL GET HTTP/3luckytus.shop/ZM-S22-SpinFlag/8.png IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
File typePNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced Hash02195bcdf63c5db77b01b0d2425019d8 316cef0e7e5733104a4bf763216ef40e585d0ce2 dd0d6cd1f347816733de9b909230f5b9a656b410c90329e288cc1af2f56a6996
GET /ZM-S22-SpinFlag/8.png HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/index1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:06 GMT
content-type: image/png
content-length: 5087
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "17b619cbabfb43e89986ec8a655c681b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TbtGaF%2FHmBSG%2FbJ82LExeFMZS63ZtXKmj%2BKPclL0RZ96PDamAzIPYXyXno6en6dK6rx8MIFZa5uFEpwcAuLGmUcltp%2FrWZd3RkRjFr0QBHDSh5KHg%2B57ZC8dzDtrQVE3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8790d0c8bb2db511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| luckytus.shop/ZM-S22-SpinFlag/0eig5fp.png | 188.114.96.1 | 200 OK | 151 kB |
URL GET HTTP/3luckytus.shop/ZM-S22-SpinFlag/0eig5fp.png IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
File typePNG image data, 202 x 423, 8-bit/color RGBA, non-interlaced Size151 kB (150594 bytes) Hash4da7bc685fa662ec184a4e5d4bebff4f f9d80c7de613985671d9660db63676ba5513f4ad 0cd83c0b828156f5f240c4fde678e794e2909ec8d23c2b17d95e2e5697d403eb
GET /ZM-S22-SpinFlag/0eig5fp.png HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/index1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:06 GMT
content-type: image/png
content-length: 150594
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "4f45cb0c4981743ee0b8f2cbd3f04473"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pobt7lJxOrj78E2v7acZkUWcZCFpcblDu7SXg6BVcY0M2A9vfeN6jCWci59i2urSwJfAFVWhS3whjpL1mEzoEOCO9%2BqmyqWDQcTkfxFeakWTILJlg%2BM7pp%2F5eAAHH4cu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8790d0c8ab19b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| luckytus.shop/ZM-S22-SpinFlag/menu_2x.png | 188.114.96.1 | 200 OK | 124 B |
URL GET HTTP/3luckytus.shop/ZM-S22-SpinFlag/menu_2x.png IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
File typePNG image data, 40 x 36, 8-bit gray+alpha, non-interlaced Hash8f68efd9388ccd80b43759b2ed542305 9f2cf96efe3bdec2ab64bc51856619cc02958fe6 455b82fa1e54fc88fe0699eabecb02155f1d6228e0ae3d7f72e1abe92dae8f3c
GET /ZM-S22-SpinFlag/menu_2x.png HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/style.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:06 GMT
content-type: image/png
content-length: 124
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "a55d3d499644740fc2ad414a4e2132c8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sGvYx0aVq3Hg3znOw8OmZ5lBm5KXLWw%2BbHhNA91bn60VjT652UvgDtOniHra2tZ8yHsuJGXJu%2Fls%2FvcfNv3DY8Rhl%2FYUUjazGNo6gA7ymCRmQajVFlQTUG77RqW%2F1e44"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8790d0c93bfeb511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| luckytus.shop/ZM-S22-SpinFlag/notify_2x.png | 188.114.96.1 | 200 OK | 229 B |
URL GET HTTP/3luckytus.shop/ZM-S22-SpinFlag/notify_2x.png IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
File typePNG image data, 36 x 32, 8-bit gray+alpha, non-interlaced Hash988234626ae7a880ed9c6a92f6336c0f 173967c2b59baed4a06997d874aba32ab65da201 4566dd8f59a09f51415a7c8955f48f75298522fc6db554bc1a59ad79c3e3e314
GET /ZM-S22-SpinFlag/notify_2x.png HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/style.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:06 GMT
content-type: image/png
content-length: 229
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "6b45dc6a31d3d4062c29615fe0b98a64"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gw0J%2FTECj7%2BjCzMZNR7SCbaZPhJhoK8kNtrYLP1BMO6sjZMDwPreBpGvioZD0xdQVhSkBIw5GwbcWUjvUpImVvBlKZXBR7isyIxtFuqKpemqodG4rIXN9U%2FxAjd5ylJc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8790d0c93c02b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| luckytus.shop/ZM-S22-SpinFlag/spin_prize2.png | 188.114.96.1 | 200 OK | 2.8 kB |
URL GET HTTP/3luckytus.shop/ZM-S22-SpinFlag/spin_prize2.png IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
File typePNG image data, 142 x 173, 8-bit colormap, non-interlaced Hashf278c8d30fc51b72e0774b9ecb49214c 03b574db82b31ee5758eb5093fda8ea25d1b00d8 43f3e6d7e7b011430b39020bc5ff8fe6be2947100c597de44ca549ea96a0fd7c
GET /ZM-S22-SpinFlag/spin_prize2.png HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/style.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:06 GMT
content-type: image/png
content-length: 2814
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "974e1465fe4d9ef295b8e49f5cdfc392"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FINZKcxqqwEEpP%2BYMaIGnanO7Vv7X424TyiE8EFCt8ZFs3wYmVKRAV7zh%2BCLHdnigdNwFJ%2Fbhx3w2FO0JbBo6mmnouiwLqrC%2BbIrI7Ey0me1ckuWhQh7eJyu0Js0MrII"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8790d0c94c0db511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| luckytus.shop/ZM-S22-SpinFlag/comment_action_2x.png | 188.114.96.1 | 200 OK | 641 B |
URL GET HTTP/3luckytus.shop/ZM-S22-SpinFlag/comment_action_2x.png IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
File typePNG image data, 24 x 120, 8-bit colormap, non-interlaced Hashe9b3872b3e63e19728176d45f0aa6986 b638f89d5d80c4cd65327da973c52f778e30bd55 a3f59e07404f1745bed88a314113a86da376526e7e1e555c99b3e249178c6ba5
GET /ZM-S22-SpinFlag/comment_action_2x.png HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/style.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:06 GMT
content-type: image/png
content-length: 641
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "9051b501a938dc2d8883f5fab13c401c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P4Gqb29SS%2FEgHBfzqdYabiyvIUtNbMd0IvNHlOdjy%2Biz1N3VeolCtX%2F08%2Fasi5A4%2FEewFjSMOm%2BOERz6heqRPL0DqtqbPpoi66bODdRusbX7ftjO7dR19SLKSx7DCQIg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8790d0c94c12b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| luckytus.shop/ZM-S22-SpinFlag/action_icons_20px_2x.png | 188.114.96.1 | 200 OK | 1.7 kB |
URL GET HTTP/3luckytus.shop/ZM-S22-SpinFlag/action_icons_20px_2x.png IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
File typePNG image data, 40 x 360, 8-bit colormap, non-interlaced Hashb699975b5fe73b087e711a33ff24ee1e 0e33cc5c32a5e7d18440751e3946076664caaf53 4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e
GET /ZM-S22-SpinFlag/action_icons_20px_2x.png HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/style.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:07 GMT
content-type: image/png
content-length: 1726
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "2987e834107b7e35c3c404b4ddd14296"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PTi7itsHNMr%2BkQZiYAGewSyz3Bu0bTkxhi2Kv%2BAt6ij5HNx7yMRpo7zCdmMuqkQNMSNwXKGS8FOYTQvrqy5fB1v0R3r%2Fdsfnt3TGcW8Fgdffk8qONcaFX0eIrGUxhVow"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8790d0c94c0fb511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| poavoabe.net/zone?&pub=0&zone_id=5542487&is_mobile=false&domain=luckytus.shop&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.501&trace_id=749fc90c-6db4-46d3-824f-ecacd595c200&action=prerequest | 139.45.197.251 | 200 OK | 0 B |
URL POST HTTP/2poavoabe.net/zone?&pub=0&zone_id=5542487&is_mobile=false&domain=luckytus.shop&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.501&trace_id=749fc90c-6db4-46d3-824f-ecacd595c200&action=prerequest IP139.45.197.251:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectpoavoabe.net FingerprintEA:0B:FC:6A:9F:F2:C8:BB:63:B0:A9:3E:B1:A6:7B:52:34:86:5B:A4 ValidityMon, 15 Apr 2024 05:23:56 GMT - Sun, 14 Jul 2024 05:23:55 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=5542487&is_mobile=false&domain=luckytus.shop&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.501&trace_id=749fc90c-6db4-46d3-824f-ecacd595c200&action=prerequest HTTP/1.1
Host: poavoabe.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/
Origin: https://luckytus.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:06:07 GMT
content-length: 0
x-trace-id: 8c7c446d6ac99be959c5b74d8fd2bbb7
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://luckytus.shop
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/
Content-Type: text/plain;charset=UTF-8
Content-Length: 264
Origin: https://luckytus.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:06:07 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: c17d57cb00397a536ea77ce4a544a38c
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://luckytus.shop
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| luckytus.shop/favicon.ico | 188.114.96.1 | 200 OK | 63 B |
URL GET HTTP/3luckytus.shop/favicon.ico IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
File typeASCII text, with no line terminators Hash77634bf2b23a7b003f5bd29700f186d3 f30ec870adf250a3d2bf28f4f0236f3bd13c7148 8d5aa6b906afc83e18606553f08275056d01a4babf6ad7604aafc7d54a4a880e
GET /favicon.ico HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/index1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:07 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jh27IZb3l99l1g%2B4ecvEoxmJoZfcbrAeT8wn6RTrYa2DRv7zJ2CJXlo89o4p9bVVtCRsB44INYIiAPUUzsNiRAvfkb2Chl6jZlYKnxhOlE7a5C2p8vfi2B00Il2iqvEb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 8790d0cacdbbb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/
Content-Type: text/plain;charset=UTF-8
Content-Length: 267
Origin: https://luckytus.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:06:07 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 9ff8157437ef867f3006687305a3ce51
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://luckytus.shop
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP139.45.197.250:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://luckytus.shop/
Origin: https://luckytus.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:06:07 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://luckytus.shop
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP139.45.197.250:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash23d4282396a2e16f0ac86bfa5818d113 3c468cab2e74617a7bcce5c88ef9709eefac4898 6115e2c3b11fab610335b2d553f7bb87e38a8a31c7e313d2829400aa3b139384
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/
Content-Type: application/json
Content-Length: 888
Origin: https://luckytus.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:06:07 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://luckytus.shop
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| luckytus.shop/ZM-S22-SpinFlag/main_script.js | 188.114.96.1 | 200 OK | 21 kB |
URL GET HTTP/3luckytus.shop/ZM-S22-SpinFlag/main_script.js IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
Hashdc9a27d01c1e53204a61a4a78b5bec2a ff0fac05534faa32d357a9ae7882b8e640134c2d 223c33e68a880bf6c307b0a4c227eb95136a1a4035e4ff8ec47cd92f574ab99a
GET /ZM-S22-SpinFlag/main_script.js HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/index1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:06 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"e7559ca6cbc0ac1c0737ee0164404566"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fIRXoBTaaoJto14MNWkQiMVU2ZK4qn0DvZMB%2Bd9piIniC66IvQiHenkpa5qV5UfeR9PuTEG%2BqdD9%2BQyyttdowPtQs64WATgYH59z10%2Bcfb1AVS1C6PZG7lE%2F%2FY7Wlt1d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 8790d0c8bb33b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| luckytus.shop/ZM-S22-SpinFlag/2.png | 188.114.96.1 | 200 OK | 6.4 kB |
URL GET HTTP/3luckytus.shop/ZM-S22-SpinFlag/2.png IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
File typePNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced Hash479fd25da58d9c6fd96921b19d02eabd aad271d39dc0b62a3c795ba3f3931699c1b4dfe6 35e1b3fa5cc8195d8213560d2404bf2dc4b7315344a58ef1bd5ee3f3dffd2630
GET /ZM-S22-SpinFlag/2.png HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/index1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:06 GMT
content-type: image/png
content-length: 6429
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "1722d235dcd491018212ac5b7df8b332"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tWK2Hdj54JcJFGi9ofPqU%2FKRFUl2P1l83DJw7QkpvhTzktEUoFnPyvxIf9l9lpRFmK0OFrCUuJtc5xqTjVRe124FdtgAH2Pd3zYO3t9ShzUT1keBxBoCNZWBm8rW49rv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8790d0c8ab22b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| poavoabe.net/pfe/current/micro.tag.min.js?z=5542487&sw=/sw-check-permissions-d059b.js | 139.45.197.251 | 200 OK | 37 kB |
URL GET HTTP/2poavoabe.net/pfe/current/micro.tag.min.js?z=5542487&sw=/sw-check-permissions-d059b.js IP139.45.197.251:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectpoavoabe.net FingerprintEA:0B:FC:6A:9F:F2:C8:BB:63:B0:A9:3E:B1:A6:7B:52:34:86:5B:A4 ValidityMon, 15 Apr 2024 05:23:56 GMT - Sun, 14 Jul 2024 05:23:55 GMT
File typeJavaScript source, ASCII text, with very long lines (36570), with no line terminators Hasha20bcaec96bee3dbd00db263a10489fd 2b938c0fe930489aab17567f78269f42d43e0555 b09a1860a090fc1aa1b482392060a3bb197d25044275dda41fdce5770ba758ba
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?z=5542487&sw=/sw-check-permissions-d059b.js HTTP/1.1
Host: poavoabe.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 21:06:07 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 08:30:08 GMT
etag: W/"66222b90-8eda"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| luckytus.shop/ZM-S22-SpinFlag/style.css | 188.114.96.1 | 200 OK | 15 kB |
URL GET HTTP/3luckytus.shop/ZM-S22-SpinFlag/style.css IP188.114.96.1:443
Requested byhttps://luckytus.shop/ZM-S22-SpinFlag/index1 CertificateIssuerLet's Encrypt Subjectluckytus.shop FingerprintDF:FC:8C:85:D3:4F:C9:FF:DF:02:28:D0:84:FA:68:66:3F:F4:1F:AD ValiditySun, 21 Apr 2024 05:38:00 GMT - Sat, 20 Jul 2024 05:37:59 GMT
Hash8c24a5cb4c55b9d6cd3029f5fd2c6fe7 e7371a614b9902e7a1256ab05cfb58d2a332c3e8 ac21c169cac551dc3ce8ee3c85f35d8c16fc76c3006618f39f428798904656f6
GET /ZM-S22-SpinFlag/style.css HTTP/1.1
Host: luckytus.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://luckytus.shop/ZM-S22-SpinFlag/index1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:06:06 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"ffd7f948346ce664bf75cb6ac5a4442b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wkx9ogSVDS8itYmheGhr6iAjXtD%2FDiiOXoFX0V2DN2fUdPbaljSan6LJKtPDigaswYD0p1O3atkdLRIYkit%2FV8A71DW4a022k7d84%2Fd1UCuk91VZ0Amch3rwUn9ZP1GR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 8790d0c89b0eb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|